Deptartment Homeland Security Plans New Cybersecurity Wiki

The Homeland Security Department plans to develop a “cyber ops wiki” that agencies can use to improve collaboration on cybersecurity efforts, according to a notice from the department.

The wiki will be used by DHS’ National Cyber Security Center (NCSC) and the six other federal cybersecurity centers as a collaboration tool and a way to develop improved situational awareness, communication and information sharing, DHS said in a notice published on Aug. 11 on the Federal Business Opportunities Web site.

Amy Kudwa, a DHS spokeswoman, said “NCSC is engaging industry expertise to develop a Web 2.0/3.0-enabled collaboration platform — this is an important piece of the larger NCSC vision of meaningful collaboration across government.”

DHS’ NCSC was established during the George W. Bush administration to coordinate cybersecurity efforts across the government. Phil Reitinger, DHS’ deputy undersecretary of the department’s National Protection and Programs Directorate now leads the center.

North Korea May Be Behind Wave of Cyberattacks

South Korean intelligence officials believe it was North Korea or pro-Pyongyang forces that committed cyber attacks that paralyzed major South Korean and U.S. government Web sites, aides to two lawmakers said Wednesday.

Read the related stories.

Government Agencies, Washington Post Targeted in Cyberattack

Cyber Attack Hits South Korean Web Sites

Source

Obama Shakes Up White House Security Structure

US President Barack Obama on Tuesday ended the divide between national security and homeland security staff in the White House, arguing the move would make Americans safer.

Obama shook up the security structure of his teams of advisors after examining the results of a study he ordered into how best to handle homeland security and counter-terrorism efforts.

“I have carefully reviewed the findings and recommendations of that study, and am announcing a new approach which will strengthen our security and the safety of our citizens,” Obama said in a statement.

“These decisions reflect the fundamental truth that the challenges of the 21st Century are increasingly unconventional and transnational, and therefore demand a response that effectively integrates all aspects of American power.”

The move will see the full integration of the White House National Security Council and the Homeland Security Council to support all policy on international, transnational and homeland security issues.

Obama also decided to form new directorates and positions on the new National Security Staff to cope with 21st Century threats including cybersecurity and possible terrorism using weapons of mass destruction.

via Obama shakes up White House security structure – Yahoo! News.

U.S. Cyberattack Console Aims to Turn Grunts into Hackers

The U.S. military is putting together a suite of hacking tools that could one day make breaking into networks as easy for the average grunt as kicking down a door.

That’s the word from Aviation Week, which snuck an unusual peek inside a “U.S. cyberwarfare attack laboratory.” There, researchers are building a “device” that would “weaponiz[e] cyberattack for the non-cyberspecialist, military user.”

In recent years, Defense Department officials have thumped their chests, hard, about how good the Pentagon is at hacking enemy networks. But discussing specific online attacks — ordinarily, that’s done mostly inside of secure facilities. A 2008 Danger Room post on an unclassified Air Force research project to give cyberwarriors “full control” of “any and all” computers set of a frenzy inside the service. Generals were pelted with questions about how such supposedly-sensitive information was allowed to escape into the public sphere. Since then, there have been increased calls within military circles to show off at least some of what the armed forces’ network attackers can do. It’s an effective way of detering potential foes online, the logic goes.

The device described to Aviation Week is designed “to tap into satellite communications, voice over Internet, proprietary Scada [supervisory control and data acquisition] networks — virtually any wireless network.” And it would be able to do so in a way that makes sense to n00bs.

via U.S. Cyberattack Console Aims to Turn Grunts into Hackers | Danger Room | Wired.com.

FBI Spyware Has Been Snaring Extortionists, Hackers for Years

A sophisticated FBI-produced spyware program has played a crucial behind-the-scenes role in federal investigations into extortion plots, terrorist threats and hacker attacks in cases stretching back at least seven years, newly declassified documents show.

As first reported by Wired.com, the software, called a “computer and internet protocol address verifier,” or CIPAV, is designed to infiltrate a target’s computer and gather a wide range of information, which it secretly sends to an FBI server in eastern Virginia. The FBI’s use of the spyware surfaced in 2007 when the bureau used it to track e-mailed bomb threats against a Washington state high school to a 15-year-old student.

But the documents released Thursday under the Freedom of Information Act show the FBI has quietly obtained court authorization to deploy the CIPAV in a wide variety of cases, ranging from major hacker investigations, to someone posing as an FBI agent online. Shortly after its launch, the program became so popular with federal law enforcement that Justice Department lawyers in Washington warned that overuse of the novel technique could result in its electronic evidence being thrown out of court in some cases.

via Read Full Article

Electric Grid Hacked By Chinese and Russian Cyberspies

The intruders, who came from countries including China and Russia, were believed to be attempting to map the US electrical system and work out how it was controlled, according to reports in the Wall Street Journal.

Officials said the cyberspies had not tried to damage the grid, but warned they could during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” a senior intelligence official told the paper. “So have the Russians.”

The intrusion spread across the country and didn’t target any specific companies or regions, a former Department of Homeland Security official said. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Source

From The Wall Street Journal

Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials.

The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven’t sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war.

“The Chinese have attempted to map our infrastructure, such as the electrical grid,” said a senior intelligence official. “So have the Russians.”

The espionage appeared pervasive across the U.S. and doesn’t target a particular company or region, said a former Department of Homeland Security official. “There are intrusions, and they are growing,” the former official said, referring to electrical systems. “There were a lot last year.”

Many of the intrusions were detected not by the companies in charge of the infrastructure but by U.S. intelligence agencies, officials said. Intelligence officials worry about cyber attackers taking control of electrical facilities, a nuclear power plant or financial networks via the Internet.

Authorities investigating the intrusions have found software tools left behind that could be used to destroy infrastructure components, the senior intelligence official said. He added, “If we go to war with them, they will try to turn them on.”

Officials said water, sewage and other infrastructure systems also were at risk.

Source

GhostNet – Canadians Find Vast Computer Spy Network

Canadian researchers have uncovered a vast electronic spying operation that infiltrated computers and stole documents from government and private offices around the world, including those of the Dalai Lama, The New York Times reported on Saturday.

In a report provided to the newspaper, a team from the Munk Center for International Studies in Toronto said at least 1,295 computers in 103 countries had been breached in less than two years by the spy system, which it dubbed GhostNet.

Embassies, foreign ministries, government offices and the Dalai Lama’s Tibetan exile centers in India, Brussels, London and New York were among those infiltrated, said the researchers, who have detected computer espionage in the past.

They found no evidence U.S. government offices were breached.

The researchers concluded that computers based almost exclusively in China were responsible for the intrusions, although they stopped short of saying the Chinese government was involved in the system, which they described as still active.

“We’re a bit more careful about it, knowing the nuance of what happens in the subterranean realms,” said Ronald Deibert, a member of the Munk research group, based at the University of Toronto.

“This could well be the CIA or the Russians. It’s a murky realm that we’re lifting the lid on.”

A spokesman for the Chinese Consulate in New York dismissed the idea China was involved. “These are old stories and they are nonsense,” the spokesman, Wenqi Gao, told the Times. “The Chinese government is opposed to and strictly forbids any cybercrime.”

Source